Module modxview 

Cross-view kernel module detection for Linux.

Detects hidden kernel modules by cross-referencing multiple views of loaded modules: the kernel module list (modules symbol), kobj/sysfs entries, and memory-mapped regions. Rootkits that unlink from one list but not others can be detected by discrepancies between views. Equivalent to Volatility’s linux.check_modules cross-view approach.

Re-exports

pub use crate::heuristics::classify_module_visibility;

Structs

ModXviewEntry

Cross-view module visibility entry.

Functions

walk_modxview

Walk and cross-reference kernel module views for hidden module detection.